Fix a bug that can change a stack value after stepping into a PUSHF instruction with a singleshoot breakpoint

shocoman 2023-06-04 14:27:25 +07:00
parent 882bc1bc30
commit 7a7530cef1
1 changed files with 10 additions and 6 deletions


@ -554,12 +554,6 @@ __declspec(dllexport) void TITCALL DebugLoop()
SetThreadContext(hActiveThread, &myDBGContext);
EngineCloseHandle(hActiveThread);
VirtualProtectEx(dbgProcessInformation.hProcess, (LPVOID)FoundBreakPoint.BreakPointAddress, FoundBreakPoint.BreakPointSize, OldProtect, &OldProtect);
ULONG_PTR ueCurrentPosition = FoundBreakPoint.BreakPointAddress;
unsigned char instr[16];
MemoryReadSafe(dbgProcessInformation.hProcess, (void*)ueCurrentPosition, instr, sizeof(instr), 0);
char* DisassembledString = (char*)StaticDisassembleEx(ueCurrentPosition, (LPVOID)instr);
if(strstr(DisassembledString, "PUSHF"))
PushfBPX = true;
if(FoundBreakPoint.BreakPointType == UE_SINGLESHOOT)
{
@ -568,6 +562,16 @@ __declspec(dllexport) void TITCALL DebugLoop()
ResetBPXAddressTo = NULL;
ResetBPX = false;
}
else
{
// if the current instruction pushes the flags, erase the trap flag from the stack after its execution
ULONG_PTR ueCurrentPosition = FoundBreakPoint.BreakPointAddress;
unsigned char instr[16];
MemoryReadSafe(dbgProcessInformation.hProcess, (void*)ueCurrentPosition, instr, sizeof(instr), 0);
char* DisassembledString = (char*)StaticDisassembleEx(ueCurrentPosition, (LPVOID)instr);
if(strstr(DisassembledString, "PUSHF"))
PushfBPX = true;
}
//execute callback
myCustomBreakPoint = (fCustomBreakPoint)((LPVOID)FoundBreakPoint.ExecuteCallBack);
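Review bot: The moved block in the else branch still ignores the result of MemoryReadSafe, so when the read of the 16 bytes at the breakpoint address fails `instr` is uninitialized stack data and StaticDisassembleEx plus the `strstr(DisassembledString, "PUSHF")` test run on garbage, which can set PushfBPX for an instruction that is not a PUSHF or miss a real one. Assuming MemoryReadSafe reports success through its return value, gate the disassembly on it: `if(MemoryReadSafe(dbgProcessInformation.hProcess, (void*)ueCurrentPosition, instr, sizeof(instr), 0))` around the StaticDisassembleEx call and the PUSHF check, and initialize the buffer with `unsigned char instr[16] = {0};` so a partial read is bounded. If StaticDisassembleEx can return NULL on undecodable input, the strstr call also needs a NULL check before it. The enclosing DebugLoop function starts and ends outside this hunk, and the same unchecked read existed in the lines the first hunk removes.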